commit 9bed8ec5d85536275ca32b0cd6bb738612ea98e6
author Valerio Setti <vsetti@baylibre.com> Thu Nov 17 16:36:19 2022 +0100
committer Valerio Setti <vsetti@baylibre.com> Thu Nov 17 16:36:19 2022 +0100
tree a67f084b9d9afe93a89366a554e525fee00340ac
parent 30ebe11f869ef6c04396e77bc091ca2d31a45c17

tls: psa_pake: make round two reading function symmatric to the writing one

Signed-off-by: Valerio Setti <vsetti@baylibre.com>

library/ssl_tls.c

diff --git a/library/ssl_tls.c b/library/ssl_tls.c
index 06a5ec5..ae12c7e 100644
--- a/library/ssl_tls.c
+++ b/library/ssl_tls.c
@@ -8240,7 +8240,7 @@
 int mbedtls_psa_ecjpake_read_round_two(
                                     psa_pake_operation_t *pake_ctx,
                                     const unsigned char *buf,
-                                    size_t len, int role )
+                                    size_t len )
 {
     psa_status_t status;
     size_t input_offset = 0;
@@ -8251,25 +8251,6 @@
     {
         size_t length;
 
-        /*
-         * On its 2nd round, the server sends 3 extra bytes which identify the
-         * curve:
-         * - the 1st one is MBEDTLS_ECP_TLS_NAMED_CURVE
-         * - the 2nd and 3rd represent curve's TLS ID
-         * Validate this data before moving forward
-         */
-        if( ( step == PSA_PAKE_STEP_KEY_SHARE ) &&
-            ( role == MBEDTLS_SSL_IS_CLIENT ) )
-        {
-            uint16_t tls_id = MBEDTLS_GET_UINT16_BE( buf, 1 );
-
-            if( ( *buf != MBEDTLS_ECP_TLS_NAMED_CURVE ) ||
-                ( mbedtls_ecp_curve_info_from_tls_id( tls_id ) == NULL ) )
-                return( MBEDTLS_ERR_ECP_BAD_INPUT_DATA );
-
-            input_offset += 3;
-        }
-
         /* Length is stored at the first byte */
         length = buf[input_offset];
         input_offset += 1;